生产环境Nginx配置文件
1)生产环境配置文件1
1)生产环境配置文件2
【生产环境配置文件1】
# cat nginx.conf
userwww;
worker_processes4;
worker_cpu_affinity00000001 00000010 00000100 00001000; #为每个进程分配cpu,上例中将8个进程分配到8个cpu,当然可以写多个,或者将一个进程分配到多个cpu。
events {
use epoll; #使用epoll的I/O模型,(linux2.6的高性能方式)
worker_connections65535;#每个进程允许的最多连接数
}
http
include mime.types;
default_typeapplication/octet-stream;
charset utf-8; #默认编码GBK
server_names_hash_bucket_size 128;
client_header_buffer_size 128k; #接收header的缓冲区大小
large_client_header_buffers 4 128k; #该指令用于设置客户端请求的Header头缓冲区大小,默认值为4KB。
client_max_body_size 8m; #设置客户端能够上传的文件大小,默认为1m
client_header_timeout3m;
client_body_timeout 3m;
send_timeout 3m;
sendfile on;#开启高效文件传输模式
tcp_nopush on;
tcp_nodelay on;
#keepalive_timeout0;
keepalive_timeout90; #参数的第一个值指定了客户端与服务器长连接的超时时间,超过这个时间,服务器将关闭连接。
upstream webgrp{
server 192.168.0.4:8080;
server 192.168.0.6:8080;
}
gzipon;#开启gzip压缩输出
gzip_min_length1k; #最小压缩文件大小
gzip_buffers 4 16k; #压缩缓冲区
gzip_http_version 1.0;#压缩版本,默认1.1
gzip_comp_level 2; #压缩等级(1~9)
gzip_types text/plain application/x-javascript text/css application/xml; #压缩类型,默认就已经包含 test/html
gzip_vary on; #根据HTTP头来判断是否需要压缩
#gzip_disable "MSIE \.(?!.*SV1)"; #IE6下对gzip的支持不好,在IE6下禁用gzip
#gzip_disable "MSIE."; #IE6下对gzip的支持不好,在IE6下禁用gzip
gzip_disable "MSIE."; #IE6下对gzip的支持不好,在IE6下禁用gzip
server {
listen 80;
server_namelocalhost;
root html;
location ~ .*\.(gif|jpg|jpeg|png|bmp|ioc|swf|raz|zip|txt|flv|mid|doc|ppt|pdf|xls|html|htm|shtml|mp3|wma|js|css)$ {
expires 7d; #7天过期
}
location /api {
rewrite ^/(.*) https://weblbs.chinacloudapp.cn/$1 permanent;
}
location / {
proxy_pass http://webgrp;
proxy_redirect off;
proxy_set_header Host $host;#当后端单台web服务器上也配置多个虚拟主机时,需要使用Header来区分反向代理哪个主机名
proxy_set_header X-Real-IP $remote_addr; #后端的web服务器可以通过 X-Real-IP/X-Forward-For获取用户真实IP
proxy_set_header X-Forward-For $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout90; #后端服务器连接的超时时间
proxy_send_timeout 90; #后端服务器数据回传时间
proxy_read_timeout 90; #后端服务器处理请求的时间
proxy_buffer_size 4k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k; #在开启缓冲后服务器响应到临时文件的功能后,设置nginx每次写数据到临时文件的大小限制
proxy_store on; #缓存读写规则
proxy_store_access user:rw group:rw all:rw; #缓存读写规则
proxy_temp_path /data1/nginx_cache/iis;#存放静态文件的缓存目录
}
error_page 500 502 503 504/50x.html;
location = /50x.html {
root html;
}
}
server {
server_name localhost;#如果这里做了域名解析,这里就填域名
listen 443;#监听端口是443端口
root html;
ssl on;#ssl加密开启
ssl_certificate /usr/local/nginx/conf/server.crt;#存放的密钥路径
ssl_certificate_key /usr/local/nginx/conf/server.key;
location ~ .*\.(gif|jpg|jpeg|png|bmp|ioc|swf|raz|zip|txt|flv|mid|doc|ppt|pdf|xls|html|htm|shtml|mp3|wma|js|css)$ { #列出的静态文件交给nginx处理
expires 7d; #7天过期
}
location /api {
proxy_pass http://webgrp;
proxy_redirect off;
proxy_set_header Host $host;#当后端单台web服务器上也配置多个虚拟主机时,需要使用Header来区分反向代理哪个主机名
proxy_set_header X-Real-IP $remote_addr; #后端的web服务器可以通过 X-Real-IP/X-Forward-For获取用户真实IP
proxy_set_header X-Forward-For $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout90; #后端服务器连接的超时时间
proxy_send_timeout 90; #后端服务器数据回传时间
proxy_read_timeout 90; #后端服务器处理请求的时间
proxy_buffer_size 4k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k; #在开启缓冲后服务器响应到临时文件的功能后,设置nginx每次写数据到临时文件的大小限制
proxy_store on; #缓存读写规则
proxy_store_access user:rw group:rw all:rw; #缓存读写规则
proxy_temp_path /data1/nginx_cache/iis;#存放静态文件的缓存目录
}
}
}
【生产环境配置文件2】
# cat/usr/local/nginx/conf/nginx.conf
userwww www;
worker_processes auto;
error_log/home/wwwlogs/nginx_error.logcrit;
pid /usr/local/nginx/logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;
events
{
use epoll;
worker_connections 51200;
multi_accept on;
}
http
{
include mime.types;
default_typeapplication/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
gzip on;
gzip_min_length1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE \.";
#limit_conn_zone $binary_remote_addr zone=perip:10m;
##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.
server_tokens off;
#log format
log_formataccess'$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for';
server
{
listen 78 default;
#listen [::]:80 default ipv6only=on;
server_name www.lnmp.org;
index index.html index.htm index.php;
root/home/wwwroot/default;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
try_files $uri =404;
fastcgi_passunix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
#include pathinfo.conf;
}
location /nginx_status {
stub_status on;
access_log off;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log/home/wwwlogs/access.logaccess;
}
include web/*.conf;
}
# cat/usr/local/nginx/conf/web/9090.conf
server {
listen 9090;
charset utf-8;
server_name admin234.mini.yaowan.com admin.mini.yaowan.com;
root/ryzc/houtai/;
# autoindex on; #无index时是否显示文件列表
index index.html index.php;
location / {
indexindex.php index.html index.htm;
if (!-e $request_filename) {
rewrite ^/(.*)$ /index.php/$1 last;
break;
}
}
location ~ \.php($|/) {
fastcgi_passunix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_paramSCRIPT_FILENAME$document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
}
# cat /usr/local/nginx/conf/web/80.conf
server {
listen 80;
charset utf-8;
server_name _;
root/ryzc/platform/php/auth/htdocs/;
autoindex on; #无index时是否显示文件列表
index index.html index.php;
location ~ \.php$ {
fastcgi_passunix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
# cat /usr/local/nginx/conf/web/8080.conf
server {
listen 8080;
autoindex off;
charset utf-8;
server_name sg.wsyht.com;
#Nginx伪静态规则
location / {
if (-f $request_filename/index.html){
rewrite (.*) $1/index.html break;
}
if (-f $request_filename/index.php){
rewrite (.*) $1/index.php;
}
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
root /ryzc/kingdom3/;
index index.html index.php;
location ~ \.php$ {
include fastcgi_params;
}
# access_log/ryzc/wwwlogs/access_80.logaccess;
}
#缓存网站素材
#location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|js|css)$ {
# expires 30d;
#}
#如果使用了伪静态,则可以保护这些文件的正常访问
#location ~ /(images|css|js|swf|upload)/.*$ {
#
#}
#禁止某些文件被访问
#location ~ .*\.(txt|ico)$ {
# break;
#}
#nginx 伪静态写法(一定要写在最后)
#location ~ .*$ {
# rewrite ^/(.*)$ /index.php break; #目录所有链接都指向index.php
# fastcgi_pass127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# include fastcgi.conf;
#}
}
页:
[1]